0day.today - Biggest Exploit Database in the World.
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn
GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Contact us
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Tripwire IP360 VnE Remote Administrative API Authentication Bypass Vulnerability
Author
Risk
[Security Risk High
]0day-ID
Category
Date add
CVE
Platform
Document Title ================ Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability Affected Products =================== Vendor: Tripwire Software/Appliance: IP360 VnE Vulnerability Manager Affected (verified) versions: v7.2.2 -> v7.2.5 CVE ===== CVE-2015-6237 CVSS ======= CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/RL:O/RC:C Base Score: 10.0 Temporal Score: 9.5 Vulnerability Summary ====================== The IP350 VnE is susceptible to a remote XML-RPC authentication bypass vulnerability, which allows for specially crafted privileged commands to be remotely executed without authentication. The RPC service is available on the public HTTPS interface of the VnE by default, and cannot be disabled. Impact ======== Successful exploitation will allow a remote unauthenticated attacker to execute commands and queries against the API normally only available to privileged users. Attack vectors include the ability to enumerate all local/remote users, reset any password of a user on the system, and manipulate IP filter restrictions for any user. Users configured to use external authentication sources (e.g. LDAP) can have a local password created and made usable by an attacker while the authorized user continues to use external authentication. The combined vectors could allow for remote administrative privilege acquisition. Remediation ============= Update to v7.2.6 Relevant Timeline ==================== 18/08/2015: Initial vendor contact 19/08/2015: Vulnerability provided to vendor 19/08/2015: Vulnerability accepted by vendor 25/08/2015: Vulnerability confirmed by vendor 30/09/2015: Update with vulnerability fix released by vendor 01/10/2015: Advisory posted # 0day.today [2024-07-03] #